Lessons from the iSOON Leaks



https://blog.bushidotoken.net/2024/02/lessons-from-isoon-leaks.html?m=1

Twitter Public Opinion Guidance and Control System 


The Twitter Tool whitepaper in the leak was used by iSOON to sell its commercial surveillance platform to the Chinese MPS for monitoring dissents. Notably, the iSOON developers also claimed to have a 1-click exploit to bypass Twitter two-factor authentication (2FA) security controls to gain control over the target’s account. This exploit was to be distributed via Twitter direct messages (DMs) in the form of URLs, which iSOON called forensic links. These forensic links can gain access to the accounts but also gather IP addresses, IP locations, device type, and browser version....

XAMPP Buffer Overflow
Link


#pwn
---------
@islemolecule_source

_Modern_Initial_Access_and_Evasion_Tactics



https://www.x33fcon.com/slides/x33fcon23_-_Mariusz_Banach_-_Modern_Initial_Access_and_Evasion_Tactics.pdf


---------
@islemolecule_source

_Build_Your_Own_Tools_For_Fun_And_Profit

https://www.x33fcon.com/slides/x33fcon22_-_Cas_van_Cooten_-_BYOT_-_Build_Your_Own_Tools_For_Fun_And_Profit.pdf

---------
@islemolecule_source

BlackHat_Eagle_ida_pro

---------
@islemolecule_source

Let me share the course itself :)

Samples
pass : infected

Exploiting Linux kernel cls_tcindex network traffic classifier (CVE-2023-1829) Excellent writeup by Vu Thi Lan ( @lanleft_ )


https://starlabs.sg/blog/2023/06-breaking-the-code-exploiting-and-examining-cve-2023-1829-in-cls_tcindex-classifier-vulnerability/…


#CVE_analysis ,

Deep Dive into OS Internals with Windbg
Malware and OS Internals


[ 01 ] Reversing Windows Internals
[ 02 ] Portable Executable Anatomy
[ 03 ] Data Directories of Interest
[ 04 ] Import Directory
[ 05 ] Import Address Table
[ 06 ] Export Directory
[ 07 ] Manual Walkthrough of Export Directory
[ 08 ] Process Environment Block
[ 09 ] Different methods to locate the PEB
[ 10 ] Understanding an Example Shellcode
[ 11 ] Using _PEB_LDR_DATA
[ 12 ] Using _LDR_DATA_TABLE_ENTRY
[ 13 ] Practical Example with Rustock.B Rootkit

#windows
---------
@islemolecule_source

TinyTurla-NG in-depth tooling and command and control analysis

https://blog.talosintelligence.com/tinyturla-ng-tooling-and-c2/

#c2

A Deep Dive Into Exploiting Windows Thread Pools


https://urien.gitbook.io/diago-lima/a-deep-dive-into-exploiting-windows-thread-pools

#window_internals , #exploitation

Static Analysis Automation for Hunting Vulnerable Kernel Drivers

https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html

Slides 👇

Unpacking RC4 Encrypted Malware - REvil ransomware

Link


#malware_analysis
#reverse
---------
@islemolecule_source

Deep Dive into DLL Sideloading and DLL Hijacking
Link

#malware_dev
------
@islemolecule_source